<?php
defined( '_VALID_MOS' ) or die('<script>window.location.href="http://www.kinifurniture.com";</script>');
if($active)
	{
		$Res=$dbh->query("update anggota set active='Y' where md5(user_id)='$active'");
		if($Res)
//		if(@mysql_num_rows($Res)>0)
			{
				$qry212="select * from anggota where md5(user_id)='$active' and active='Y'";
				$res212=$dbh->query($qry212);
				if(@mysql_num_rows($res212)>0)
					echo '<script>location.href="./index.php?show=message&msg=act01";</script>';
				else
					echo '<script>location.href="./index.php?show=message&msg=act02";</script>';
			}
			else
				echo '<script>alert("Error");</script>';
	}

if($username)
	{
	$Res=$dbh->query("select * from anggota where username='$username' AND password='$password'");
	
	if(@mysql_num_rows($Res)>0)
		{
		$Data=@mysql_fetch_object($Res);	
		
		if($Data->suspend=='Y')
			echo '<script>document.location="index.php?show=message&msg=spd01";</script>';
		else
			{
			if($Data->active=='Y')
				{
				@session_start();
				// @session_register('SESSIONUSERID');
				$_SESSION['session_name'] = 'SESSIONUSERID';
				$_SESSION['SESSIONUSERID'] = $Data->user_id;
			
				$sql=$dbh->query("update user set online='Y' where user_id='$_SESSION[SESSIONUSERID]'");
			
				$timeoutseconds = 60; // length of session, 1 minutes 
				$timestamp=$CURRENT_TIME; 
				$timeout=$timestamp-$timeoutseconds;
			
				$Res1=$dbh->query("select * from tbl_session where sysID='".$_SESSION['SESSIONUSERID']."'");
				$Data1=@mysql_fetch_object($Res1);
			
				if(@mysql_num_rows($Res1)==0)
					{
						$insertQry=$dbh->query("insert into tbl_session (sess_id, ip,Timestamp,sysID,login_date,login_time,browser,online_time,active) values('".session_id()."','".$_SERVER['REMOTE_ADDR']."','$timestamp','".$_SESSION['SESSIONUSERID']."','".date("d-m-Y")."','".date("H:m:s")."','".$_SERVER['HTTP_USER_AGENT']."','".$CURRENT_TIME."',1)");
						$_SESSION['SESSIONBROWSEONLINE']=mysql_insert_id();
					}
					else
					{
						$dbh->query("update tbl_session set Timestamp='$timestamp', active='1', sess_id= '".session_id()."', IP='".$_SERVER['REMOTE_ADDR']."', login_date='".date("d-m-Y")."', login_time='".date("H:m:s")."', browser='".$_SERVER['HTTP_USER_AGENT']."', online_time='".$CURRENT_TIME."' where sysID='".$_SESSION['SESSIONUSERID']."'");
						$_SESSION['SESSIONBROWSEONLINE']=$Data1->id;
					}
			
				echo '<script>document.location="index.php?show=catalogue";</script>';
			
				}
				else
					echo '<script>document.location="index.php?show=message&msg=act03";</script>';
			}
		}
	else
		echo '<script>document.location="index.php?show=message&msg=reg03";</script>';
	}
?>